若依微服务版,分离版皆可按照教程部署,本次教程为windows平台,linux平台下其实也可以参考,大同小异。
一,部署elasticsearch
官网下载:https://www.elastic.co/cn/downloads/elasticsearch
修改config目录下的elasticsearch.yml(此处改为false是跳过证书验证)
双击bin目录下elasticsearch.bat即可启动,首次启动会显示默认的elastic密码
//修改密码,首先进入到bin目录,执行如下命令进行密码重置
./elasticsearch-reset-password -u elastic -i
访问127.0.0.1:9200,验证是否启动成功(此处我是9201端口启动的)
二,部署Kibana
官网下载:https://www.elastic.co/cn/downloads/kibana
修改config目录下的kibana.yml
//加入以下配置信息,kibana_system的密码可以通过步骤一命令修改
elasticsearch.username: "kibana_system"
elasticsearch.password: "123456"
elasticsearch.hosts: ["http://127.0.0.1:9201"]
i18n.locale: "zh-CN"
双击bin目录下的kibana.bat启动
访问127.0.0.1:5601,使用超级管理员账号elastic登入,点击开发工具即可执行es命令
添加logstash通信账号
PUT /_security/role/logstash_admin_role
{
"cluster": ["manage", "all"],
"indices": [
{
"names": ["*"],
"privileges": ["view_index_metadata", "read", "write", "create_index", "manage", "all"],
"allow_restricted_indices": true
}
]
}
POST /_security/user/logstash_admin_user
{
"password": "123456",
"roles": [
"logstash_admin_role"
]
}
三,部署logstash
官网下载:https://www.elastic.co/cn/downloads/logstash
解压后创建logstash-elasticsearch.conf配置文件,同时添加内容
配置文件内容可以通过项目生成的日志文件自定义修改
input {
file {
path => "f:/home/wms/logs/*.log"
start_position => "beginning"
sincedb_path => "null"
codec => multiline {
pattern => "^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}"
negate => true
auto_flush_interval => 3
what => previous
}
}
}
filter {
if [log][file][path] =~ "info" {
mutate { replace => { type => "sys-info" } }
grok {
match => { "message" => "%{COMBINEDAPACHELOG}" }
}
date {
match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
}
} else if [log][file][path] =~ "error" {
mutate { replace => { type => "sys-error" } }
} else {
mutate { replace => { type => "random_logs" } }
}
}
output {
elasticsearch {
hosts => '127.0.0.1:9201'
user => "logstash_admin_user"
password => "123456"
}
stdout { codec => rubydebug }
}
在bin目录下执行以下命令启动
logstash.bat -f logstash-elasticsearch.conf
最后打开kibana控制台即可看见实时的日志信息